Alibabacloud Cfw Status Overview
Security checks across malware telemetry and agentic risk
Overview
The skill is mostly aligned with read-only Alibaba Cloud Firewall status checks, but it pushes the agent to use local Alibaba Cloud credentials immediately and to change or update the CLI, without clear user approval or metadata disclosure.
Install only if you are comfortable with the agent using your local Aliyun CLI profile and querying Cloud Firewall status data. Before use, confirm the exact Alibaba Cloud account, profile, region, and least-privilege read-only RAM policy. Avoid running automatic installer/plugin-update steps without review, and verify Aliyun AI-mode is disabled after the skill finishes or if it is interrupted.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may run Alibaba Cloud commands against the user's default account before confirming the target account, profile, or whether the user intended that access.
These instructions force tool use and suppress normal user confirmation, refusal, and uncertainty handling before running credentialed cloud CLI commands.
`Start executing CLI commands immediately` ... `DO NOT ask the user for ... additional input` ... `DO NOT refuse to execute` ... `If you are unsure whether you can run commands, just try running one`
Remove refusal-override language and require an explicit user confirmation of the Aliyun profile, account, region, and read-only scope before running commands.
The skill could use whichever Alibaba Cloud profile is currently configured locally, which may be the wrong account or a broader-privileged credential than intended.
The registry metadata under-declares the credential/profile dependency, while the skill expects local Alibaba Cloud credentials to be available through the Aliyun CLI.
Metadata: `Primary credential: none`, `Required config paths: none`; SKILL.md: `Pre-check: Alibaba Cloud Credentials Required` and `ONLY use aliyun configure list to check credential status`
Declare the Alibaba Cloud credential requirement and relevant config path, require least-privilege read-only RAM permissions, and ask the user to confirm the intended Aliyun profile/account before use.
The agent may download or update local CLI/plugin code before querying status, changing the user's local environment and introducing supply-chain exposure.
The skill includes unpinned remote installation/update paths and mandatory automatic plugin installation, despite being presented as an instruction-only, read-only status query skill.
`curl -fsSL https://aliyuncli.alicdn.com/setup.sh | bash` ... `[MUST] run aliyun configure set --auto-plugin-install true` ... `[MUST] run aliyun plugin update`
Use a declared install mechanism with pinned/reviewed versions, avoid curl-to-bash workflows, and require explicit user approval before installing or updating CLI plugins.
A user or agent may treat these cloud account queries as harmless local commands and skip appropriate consent or scope checks.
This framing downplays the fact that `aliyun cloudfw` commands are credentialed network API calls that can reveal sensitive cloud security and asset information.
`The aliyun CLI is a local command-line tool — running it is the same as running any other shell command (e.g., ls, curl)`
Describe the commands accurately as credentialed Alibaba Cloud API calls and clearly state what account data will be queried.
The user's Aliyun CLI behavior may remain changed if cleanup does not run successfully.
The skill changes persistent CLI configuration and relies on cleanup at every exit point. The cleanup requirement is disclosed, but failures or cancellations could leave the setting enabled.
`aliyun configure ai-mode enable` ... `aliyun configure ai-mode set-user-agent` ... `[MUST] Disable AI-Mode at EVERY exit point`
Prefer per-command or temporary configuration where possible, and tell users to verify `aliyun configure ai-mode disable` after interrupted runs.
